Hi, I'm Vivian, a cybersecurity and AI Product Manager trying to keep up with an industry that moves faster than I can whisk up my morning matcha. Every week brings a new wave of vulnerabilities, AI security mishaps, and breaches that keep us on our toes, so I take some time to share the most interesting news instead of letting it all blur together. Let's dive into whats been keeping us up at night recently in cybersecurity and AI security.

AI Research & Vulnerabilities

AI Sidebar Spoofing in Browser AI Interfaces

Researchers discovered that malicious browser extensions can create fake AI sidebars that trick users into following harmful instructions. The spoofed sidebar delivers malicious responses to user prompts and replaces legitimate URLs with phishing sites, injects backdoor commands, or exfiltrates credentials while looking identical to native AI interfaces in browsers like Comet, ChatGPT Atlas, Edge, and Brave.

AI Browsers Extract Hidden Malicious Prompts from Screenshots

Researchers uncovered new indirect prompt injection vectors in AI browsers including Perplexity Comet and Fellou. Attackers can embed malicious instructions in web images that get extracted via OCR when users take screenshots, bypassing text-based sanitization. Additionally, Fellou was found to automatically send webpage content to its LLM during navigation, allowing visible webpage text to override user intent. Both attacks exploit the failure to distinguish trusted user input from untrusted web content when constructing LLM prompts.

OpenAI Atlas Clipboard Injection Vulnerability

A security researcher demonstrated a clipboard injection vulnerability in OpenAI's Atlas browser. The attack embeds hidden JavaScript code in webpages that silently copies malicious links to the user's clipboard when the AI agent clicks buttons during autonomous browsing. Since the malicious logic operates in the backend, the AI agent has no awareness of the injected content, making detection or prevention impossible. Users who later paste content could be redirected to phishing sites, exposing login credentials and sensitive data.

Cybersecurity News

"CoPhish" Attack Weaponizes Microsoft Copilot Studio for OAuth Phishing

Researchers uncovered "CoPhish," a novel attack technique that exploits Microsoft Copilot Studio to conduct OAuth phishing from the trusted copilotstudio.microsoft.com domain. Since the malicious traffic originates from Microsoft's own infrastructure, it evades traditional detection methods while exploiting gaps in current application consent policies to access email, calendars, and file storage.

McKinsey Warns Banks Could Lose $170 Billion to Agentic AI

McKinsey's Global Banking Annual Review 2025 predicts banks could face a $170 billion profit decline if they fail to adapt to customers using agentic AI to optimize their finances. The report notes that consumers hold $23 trillion in near-zero interest accounts, and AI agents could automate moving these funds to higher-yield options. While AI adoption could reduce banking costs by 15-20%, McKinsey warns that competitive pressure will likely push those savings to customers rather than banks.

YouTube Ghost Network Distributing Malware

Researchers discovered a YouTube Ghost Network using over 3,000 malicious videos to distribute infostealers like Rhadamanthys and Lumma, primarily targeting users searching for game cheats and cracked software. The network operates through compromised YouTube accounts by creating malicious videos, posting fake positive comments, and building false trust to convince victims to download malware. Attackers rotate command-and-control servers every 3-4 days to evade detection.

North Korean Lazarus Hackers Target European Drone Manufacturers

Researchers uncovered a coordinated Operation DreamJob campaign where North Korean hackers targeted three European defense companies involved in UAV technology development. The attackers used fake recruitment lures to trick employees into downloading trojanized software, deploying the ScoringMathTea remote access trojan. All three companies manufacture military equipment currently deployed in Ukraine, with two directly involved in drone components and UAV software design.

LastPass Users Targeted in CryptoChameleon Phishing Campaign

LastPass warned customers about an ongoing phishing campaign attributed to the CryptoChameleon group that uses spoofed emails claiming a family member requested vault access via death certificate. The emails direct victims to a fake recovery site to steal master passwords, with threat actors also making follow-up phone calls impersonating LastPass support. LastPass has taken down the initial phishing infrastructure and reminds users it will never ask for master passwords.

Startup/VC News

Keycard Raises $38M in Seed and Series A Funding

San Francisco-based Keycard emerged from stealth with $38 million in combined funding to build identity and access management for AI agents. The company provides granular, per-task access controls for enterprise AI agents, replacing static API keys with dynamic tokens that adapt to changing contexts and automatically revoke permissions after tasks complete.

Chainguard Raises $280M Non-Dilutive Financing

Chainguard secured $280 million in non-dilutive growth financing to expand its software supply chain security platform. The company provides tools to help enterprises protect open-source software components and container images.


That's all for now… Stay informed and protected.